EAP-TTLS in WinXP
rgreiner
mrgreiner at gmail.com
Tue Sep 2 01:01:03 CEST 2008
A.L.M.Buxey at lboro.ac.uk wrote:
> Hi,
>
>> Hi,
>>
>> I've seen that Windows XP does not support EAP-TTLS out of the box. I
>> know there is at least one package (from SecureW2) that adds this to
>> windows.
>>
>> Could somebody suggest me which other packages do the same? Or should I
>> use the one from SecureW2?
>>
>
> open1x.sf.net, Funk Odyssey, Cisco Supplicant (was Aegis Meetinghouse)
>
>
>> We intend to implement 802.1x Campus wide (or at least analyze it's
>> viability), but due to our policies we don't want open passwords in our
>> database, so PEAP (which uses MS-CHAP, as far as I did understand), is
>> not a viable option, despite being the only option native to WinXP.
>>
>
> errm, PEAP uses MSCHAPv2 which never passes the password - its a
> challenge response method - and the password, depending on which
> resource you use, doesnt need to be cleartext either. The other
> option native to WinXP for 802.1X is EAP-TLS
>
> alan
>
Ok, then I got something wrong. Is there any link where I could get more
details about ms-chapv2 inside PEAP, more exactly concerning this
details about password? As far as I knew, ms-chapv2 would always require
cleartext passwords in the database.
Tks,
Roberto
--
-----------------------------------------------------
Marcos Roberto Greiner
Os otimistas acham que estamos no melhor dos mundos
Os pessimistas tem medo de que isto seja verdade
Murphy
-----------------------------------------------------
More information about the Freeradius-Users
mailing list